Xfinity Support's profile

Official Employee

 • 

64 Messages

Monday, December 18th, 2023 10:17 PM

Closed

Xfinity was impacted by a data security incident

To learn about what we’re doing to mitigate the issue and protect our customers, click here.

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Contributor

 • 

37 Messages

7 months ago

Just read this information and haven't been notified. Are we, the customers going to be safeguarded against anything. What are we paying for?

We need notification and we should get 2 years of coverage to watch our accounts at the least, again, what are we paying for?

Note: This comment was created from a merged conversation originally titled Comcast’s Xfinity warns customer information ‘likely acquired’ in hacking incident - December 2023

Official Employee

 • 

244 Messages

If you would like to know more about the incident, please visit xfinity.com/dataincident. If you have additional questions, you can reach the dedicated team with more on this at 1-888-799-2560. They are available 24 hours a day, 7 days a week.

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Contributor

 • 

37 Messages

That's typical, you do nothing and your telling us to do the work. What are we paying for every month?

Official Employee

 • 

244 Messages

That's a great question @cpupro, supporting the expansion, creation, and maintenance of our infrastructure to deliver services to your home and area is just one piece of the costs that are a part of our monthly rates. Alternatively, there are items that are provided at no additional cost to our customers for literally every line of business that we provide. Take the internet for example, our xFi Advanced Security helps prevent customers from accidentally accessing risky sites, blocks remote access to smart devices from known dangerous sources and monitors network activity in real time to prevent security risks.

 

Additionally, we provide an Xfinity email service at no additional charge for use, space, or maintenance of the service. There are many more perks and benefits that our customers are provided with that there are additional costs for.

 

Some of our regular costs of operation that are incorporated into the monthly service rate include the overall cost of operations and support like having a team here in our Forums to answer your questions and help with concerns and/or troubleshooting together. Having teams over the phone is part of the day-to-day along with support for development teams, engineering, repair, technicians and their materials and equipment needed, maintenance teams, equipment design teams, etc. The list is literally never-ending if we were to list out all of the teams and departments that work together to create and support services to our entire footprint.

 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Contributor

 • 

37 Messages

Let me ask this. We used to get $10.00 off per month if you direct billed to a credit card which I have done for years. No paper statements just money going directly to you. NOW, you have changed this to only give us $5.00 a month if we direct bill to our credit card BUT if we give you the information to pull out this money directly from our bank you'll give us $10.00 an month. Why, if you can't protect our data would we do that? If they get our bank information they can take all the money we live on. If they get the credit card information we can only get charged a small amount.

It doesn't work out as far as I can see to give you any more personal information than you already have.

Official Employee

 • 

2.2K Messages

@cpupro our policies, promotions, discounts etc do change over time. It is your choice to have paperless billing and auto-pay set up on your accounts and if you are going to pay using a debit/credit card or bank account for payment. If you do not want to provide your information you can remove autopay by following this link: https://www.xfinity.com/support/articles/setting-up-auto-payments. Here is a link: https://www.xfinity.com/support/articles/one-time-bill-pay-options-through-my-account on how to make 1 time bill payments. 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Contributor

 • 

85 Messages

7 months ago

How did this happen? Online security is always a top priority for me. I have already activated 2 step verify and changed my password. Very concerned.

Note: This comment was created from a merged conversation originally titled DATA BREACH??

Official Employee

 • 

412 Messages

@kimochi1777 you can learn more about what we are doing to protect our customers here

 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Contributor

 • 

284 Messages

Hmmm, two months go by before customers are notified, wonderful.  Love the customer focus of comcast and why isn't comcast offering free credit monitoring like most other companies that have had their databases hacked????  Makes one feel like comcast is saying "oh well it happened, sorry." BTW here are price increases to make you feel better.  Wish my area had an other provider as I would be with them so fast.  Yes, I am not a happy customer.

1 Message

7 months ago

If Xfinity was notified by Citrix of the exposure on the 10th, why did it take until the 16th before all of the affected servers to be patched? This is a serious breach of security and those who were responsible for authorizing the immediate patching of the systems should be held accountable.  If the affected servers were immediately patched on the 10th or as soon as Xfinity was notified by Citrix I can understand the situation. But waiting 6 or more days before taking action is irresponsible.  Customers want to know why there was such a long delay.

Official Employee

 • 

1.6K Messages

Hi, @TC851! Thanks for taking the time out of your day to visit XFINITY over our forums page for help. Great question. I would be wondering the same thing. For more information, please feel free to visit this link for more details

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Frequent Visitor

 • 

10 Messages

How can I get help with my comcast email not working but it works on the site only?  

Contributor

 • 

206 Messages

7 months ago

Well, this explains the mysterious requirement for my wife and I to perform a password reset, I think around the first week of December, in fact looking it up, it was December 5. Not a single mention of what was driving the reset requirement nor anything else. Just "oh, we periodically require password resets on ones that have not been changed for some time". Give me a break.

From the Data Breach PDF: "What Information Was Involved? On December 6, 2023, we concluded that the information included
usernames and hashed passwords. For some customers, other information was also included, such as
names, contact information, last four digits of social security numbers, dates of birth and/or secret
questions and answers. However, our data analysis is continuing, and we will provide additional notices
as appropriate."

Hopefully, we are not among the "some customers"! We'll probably just see our rates go up, to help finance better security!

Regular Visitor

 • 

5 Messages

7 months ago

So is this the reason people had to reset passwords a month ago or so?  Strange how Comcast never mentioned that it was because of a HUGE security breach. Also Comcast stated this week that notices had been sent out to customers about the breach.    I'm a customer and so is my sister.  Neither one of us received anything from Comcast about the breach.  We read about it on various news sites.  Your customer service has all but disappeared. 

Frequent Visitor

 • 

10 Messages

True!  they want u to use an app on yr phone. i dont email on my phone. I went to get help because email not sending so went on xfinity site. had me change password, now email is offline cant send. then when attempting to get online help ...nothing!! 

Contributor

 • 

208 Messages

7 months ago

I also knew when I had to change my password something had happened. Why did I have to learn about it on the news instead of an explanation from the company that has much of my financial information. What are you doing for the millions that this breach affected??  Have you notified the customers that had information stolen or do we just hope it wasn't one of us.

Contributor

 • 

23 Messages

7 months ago

Someone that works for Xfinity has hacked my phone and is using it to cause problems with my service and sending me [Edited: "Language"] emails while doing so. In case you didn't know, they have absolutely no security team to help with this and they are most certainly not protecting your private information. [Edited: "Soliciation"/"Inflammatory"]. And if you are tempted to use their mobile service because the price is so good, there's a reason for that. Nobody with Xfinity Mobile knows what the [Edited: "Language"] they are doing and if you can even get someone on the phone they can barely speak English. [Edited: "Inflammatory"]

EDIT: Please keep it clean. We ask that users avoid inflammatory remarks and/or language. For more details on the types of posts that are prohibited, see here

(edited)

Frequent Visitor

 • 

10 Messages

Im running into similar problem of,   no one at xfinity to help with my email working on there site....but my mac email with this same address says "unable to verify ID or password.  Thinking maybe with data breach they got rid of my email ? so it does not show up on my mac?

but !!! i can get that address 'email' on their site......BUT under a different email address.      Scary to think the reason they will not call back is because NO one to help?

instead I got a txt message from spam  on a phone i dont use thru comcast.

Official Employee

 • 

1.2K Messages

Hello and welcome to Comcast @ps89. I am sorry to hear that you are not able to receive email on your Mac. Did you recently change the password to your Xfinity email address? Also I see that you are able to access your email on the webmail portal. It sounds like you need to just update the password on your Mac. Here is a link https://www.xfinity.com/support/articles/pop-imap-mac-mail to help you go to your Mac settings and update the password. 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Contributor

 • 

208 Messages

7 months ago

Was our credit card information that Xfinity insist we use for direct billing compromised. And you actually wanted to have my Bank account on file.  Please advise and the link posted for information on this breach does not work for me.

Problem Solver

 • 

1.3K Messages

@Terry0327

I understand the feedback. If you would like more informaiton on the situation please call the IDX team at 888-799-2560.

I no longer work for Comcast.

Contributor

 • 

284 Messages

@XfinityJodie​ I don't understand why your team does not have this information instead of telling a customer "oh here call this other number" so the customer can wade through another IVR system instead of having something that you can put as an answer that I would figure many other people would have that have provided direct payment information.  Comcast has the worst customer service I have ever experienced I hate to say.  I was in customer service for a very long time and I continue to shake my head at the way comcast does it.

Official Employee

 • 

1.7K Messages

We deeply apologize for any confusion that this may cause for you @fedup978.  However, due to that being a specialty team where we are more of a broader stoke of a department, that specialty team will be able to answer your in depth questions as to what is going on.  

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Frequent Visitor

 • 

10 Messages

@XfinityJodie​  will this number help me with my email problems?

4 Messages

7 months ago

Dear Xfinity,

Dear Xfinity,


WHO IS HAVING PROBLEMS WITH THE RECENT HACK OF XFINITY WITH NO RESOLUTION ?  I have spent hours on the phone due to hacking of my passwords for email, WiFi, login etc…  I have spoken to the 1st level of IT support at Xfinity and have received no solution to the issues I have been having with my apple devices not syncing with their email platform.  My devices are IMAP devices and the web site is  OWA.  The Citrix / Xfinity hacking has corrupted my devices and I have been through all protocols with apple support.  If you do not provide information as to the status of this event from top level IT support as to when the residual damage to customers devices will be resolved I will be looking for another internet provider.   

Note: This comment was created from a merged conversation originally titled Xfinity / Citrix Hacking December 2023

Expert

 • 

30.6K Messages

@user_5njl7e 

Dear Xfinity,

Dear Xfinity,


WHO IS HAVING PROBLEMS WITH THE RECENT HACK OF XFINITY WITH NO RESOLUTION ?  I have spent hours on the phone due to hacking of my passwords for email, WiFi, login etc…  I have spoken to the 1st level of IT support at Xfinity and have received no solution to the issues I have been having with my apple devices not syncing with their email platform.  My devices are IMAP devices and the web site is  OWA.  The Citrix / Xfinity hacking has corrupted my devices and I have been through all protocols with apple support.  If you do not provide information as to the status of this event from top level IT support as to when the residual damage to customers devices will be resolved I will be looking for another internet provider.   

If you went through the comcast website to change your passwords, did you change them on your devices as well?  I am not familiar with apple products but depending on what email client you're using you may need to change your password in two different places.  That's about all I know which isn't much, I admit.

I am not a Comcast Employee.
I am a Customer Expert volunteering my time to help other customers here in the Forums.
We ask that you post publicly so people with similar questions may benefit from the conversation.

Was your question answered? Please mark an Accepted Answer!tick

Problem Solver

 • 

1.5K Messages

The "Hack" on Citrix managed cloud instances happened back in October, where millions of users were impacted by a data theft.  Name, social security number (if you provided it), email addresses, phone numbers and addresses.  

Xfinity claims they patched their systems a few days after Citrix released a patch with their announcement, but Xfinity didn't figure out the impact until December, but it's far too late by then and your data was gone and likely was exposed to the wild long before Citrix figured out there was a problem and released a patch for it back in October.

YOUR personal device isn't "hacked", but your account details are.  With that, an attacker can change your password and intercept your email, and possibly for other accounts you have your Xfinity account linked with for password recovery and for two factor authentication.  They can also do this by phone since they have all of your account details to impersonate you.

For mitigation, Xfinity enforced a password change globally.  This causes issues when you have several devices checking mail and failing authentication.  Your account can be temporarily locked out.  It's also possible your account is currently hijacked and forwarding email to some other hostile actor.  Log into web mail with a browser from https://xfinity.com  (click the drop down in the upper right, and check email).   Go into settings -- the little gear icon in the upper right, and make sure you aren't forwarding mail on the left pane.  

If you can't log into webmail using your updated password that you set, then your account is compromised so you'll have to call them.  https://internetsecurity.xfinity.com/help/report-abuse   

Other users report you may also have to enable two factor authentication for your account from now on or your mail won't work.  You do that on the main login page https://xfinity.com under your account.  

If your devices can't check mail with the new password, the first thing you want to do is stop them from checking your mail and failing authentication.  They will lock your account from repeated failed attempts.  Follow the links on this post and see if any of them help:

https://forums.xfinity.com/conversations/email/apple-mail-cannot-connect-to-my-comcast-mailbox/658394bef961c6163a32ae59?commentId=65840c96f961c6163a32b286 

Remember DO NOT REUSE PASSWORDS between email accounts (comcast/owa/gmail/your bank...etc).  When one gets hacked like Xfinity, they all will.  I'd also consider Xfinity email burned.  Do not use them for anything important again.

4 Messages

Thank you !   First real explanation I have received !

Problem Solver

 • 

491 Messages

It was my understanding that the Citrix Bleed 0 Day was hacked more than once. At least around 2016 or 2017. It controls many things such as accounting databases, Toyota, Legal Firms and many others. No respectable company should be using Citrix any longer. 

Problem Solver

 • 

491 Messages

@Again​ With Mac mail and iOS mail the password needs changed on each and every device.

1 Message

7 months ago

This is the 3rd data breech that I have been informed of by a financial or service provider this year.  The other companies provided free credit monitoring services for 2 years to guard against my information being used fraudulently.  The cost of my service keeps going up every year and the quality seems to be going in the opposite direction.  I am willing to pay for additional services if I need them, but Xfinity does not allow you to build a bare bone package and add features that you want.  If I want Internet and phone only, I should be able to get it at a lower rate than TV, internet, and phone.  Most company's make more money by providing additional services which people will pay for.  Comcast just charges more for the same services and the quality of those services is reduced.  Old Bell Telephone was split up for the same kind of practices.

Official Employee

 • 

331 Messages

@user_bzuoeb I can understand how frustrating the bill rising can be. We as employees are customers as well and see it ourselves. We do not offer any a la carte packages like you describe but we'd be happy to find you a lower rate if one is available. Please direct message us your full name and address. 

 

Here's the detailed steps to direct message us:

  • Click "Sign In" if necessary
  • Click the "Direct Message” icon (upper right corner of this page)
  • Click the "New message" (pencil and paper) icon
  • Type "Xfinity Support" in the to line and select "Xfinity Support" from the drop-down list
  • Type your message in the text area near the bottom of the window

• Press Enter to send your message

1 Message

7 months ago

Is Xfinity offering free identy fraud protect because of the breach or do we have to get it on our own and bill Xfinity for it?

Concerned customer

Contributor

 • 

284 Messages

@user_e43v80​ This is a similar question that others have asked also.  IMHO it does not appear that comcast is going to offer anything like that until the states push/ force comcast  to do that.  Other companies have done it as a "good will" gesture to their customer base. 

Official Employee

 • 

1.1K Messages

 

fedup978, Thank you for reaching out to Xfinity Support. The best thing to do is to change your password at this time. If you need further support, please send us a DM with your name and full address, and we would be happy to assist you. 

 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Contributor

 • 

284 Messages

@XfinityAngie​ Changing the password is not doing anything other than changing the access to get into the comcast account.  comcast has already lost the key information about their customer base to someone that can be used against the customers.  The fact that comcast has not offered anything to the customers except raised prices says that this needs to be taken to a whole new level.

Official Employee

 • 

2.4K Messages

@fedup978 That is the recommended action to secure your account. For more information you can visit www.xfinity.com/dataincident.

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

Regular Visitor

 • 

5 Messages

7 months ago

 Comcast isn't doing anything other then telling people to change their passwords.     They are however raising their prices this month!

7 months ago

So, my phone and internet (as well as entire family's) has been compromised. This didn't occur in October or November. This has been ongoing since August. I suspect there have probably been vulnerabilities since before the dates we have been "informed" of. What is Xfinity doing to help those whose data has been clearly stolen? My phone and computer literally show up as an Apple Webkit on IP chicken. LOL. And I have a weird certificate on my phone...yeah...it's rooted. And so is my entire family's. Xfinity, has this happened to any of your customers, too? Or what? 

1 Message

6 months ago

  • TAD

    Have been trying to change passwords on my 3 accounts since I was notified to do so after the data breach.  However, I can change only the primary account password and when I try to change passwords on either of the other email accounts, it flips me back to the primary account page and I cannot progress further.  I have tried to call xfinity numerous times...because I only now have email with Comcast (I live in an area now where Comcast/xFinity is not available), I cannot access the phone tree when calling the 800 number and it just hangs up on me, no matter what I try (including saying representative, live body, ****, 0000...nothing works).  Any suggestions.  I have two email accounts for which I have no access since first of December.  Would love to talk to a live body at xfinity.

Official Employee

 • 

1.5K Messages

Hello, @user_zkfotq. Thanks for posting on our community forums for assistance. To confirm, is this email associated with an active account? Or was your account closed, but you still have access to the secondary emails? 

I am an Official Xfinity Employee.
Official Employees are from multiple teams within Xfinity: CARE, Product, Leadership.
We ask that you post publicly so people with similar questions may benefit from the conversation.
Was your question answered? Please, mark a reply as the Accepted Answer.tick

1 Message

6 months ago

A few comments:

  1. I was almost 100% sure Xfinity experienced a breech when I was forced to change my password - I do appreciate getting notified shortly after though.
  2. Years ago I contacted Xfinity regarding my INABILITY to set 2 FACTOR AUTHENTIFICATION on my ALTERNATE COMCAST EMAIL ACCOUNTS because the Comcast's system does not allow a cell phone number to be tied to more than 1 account.
    • Since my cell phone number is already tied to my primary email account it will not allow me to use it for 2 FACTOR AUTHENTIFICATION on my secondary email account(s). 
    • THIS IS BAD SECURITY POLICY and NEEDS TO BE FIXED!
  3. I just spent about 30 minutes attempting to find a contact us email for Xfinity - NOT FOUND - NOT GOOD CUSTOMER SERVICE (IMHO)
    • All I found was Chat (no phone number or email contact). If either exist, they hide it really well!

3 Messages

I was asked to change my password as well, had no idea of a breach.  I think it should have been communicated to all customers. 

forum icon

New to the Community?

Start Here